Commit Graph

44 Commits

Author SHA1 Message Date
Tim Abbott 6e149a7594 lint: Add JS indentation eslint rules for node_tests.
The only difference between this as the main project's lint rules is
that we dont have the OuterIIFE setting.
2018-05-06 19:35:18 -07:00
Tim Abbott 65b9d9e0f3 CVE-2018-9990: Fix XSS issue with stream names in topic typeahead.
Zulip's search typeahead had a security bug, where when autocompleting
a specially crafted stream name, and then hitting space, code within
the stream name would be executed.

Zulip was doing HTML escaping correctly in the main code path using
Filter.describe to describe a narrow, but the escaping function was
not called in a few parallel code paths.  We fix this in a way that
should protect all of these code paths, by making Filter.describe
return properly escaped HTML, rather than depending on its callers to
do so.

Thanks to w2w for reporting this issue.
2018-04-12 09:46:54 -07:00
Rohitt Vashishtha b22e8dc2b7 lint: Replace 'return undefined;' with 'return;'.
Also adds a custom rule to eslint. Since the recommended way of extending
eslint is to create plugins as standalone npm packages, the separate rule
is published as 'eslint-plugins-empty-returns'.

Fixes #8669.
2018-03-13 08:22:42 -04:00
Steve Howell 19ca4bff82 node tests: Use zrequire in search_suggestion.js. 2017-11-08 12:24:17 -08:00
Cory Lynch a90eda0154 Add 'group-pm-with' to operator autocomplete.
As you're typing this new keyword, it should be suggested
via get_operator_suggestions. Added relevant test.
2017-09-24 13:56:33 -04:00
Abhijeet Kaur 2bf3324395 frontend: Add ability to search by "group-pm-with" search operator.
This allows user to view all group private conversation messages
with a specific user. That is, it views all the the group private
messages from groups which include the given user.

Add search suggestion for group-pm-with. Add operator name
and description in "Search operators" tab.

Add change in tab name to "Group Messages" when using this operator.
Add frontend_tests for group-pm-with search operator.

Fixes: #3882.
2017-09-24 11:58:48 -04:00
Steve Howell 5a8bccfe08 topic_data.js: Refactor topic history internals.
This commit introduces a per-stream topic_history class
inside of topic_data.js to better encapsulate how we store topic
history.

To the callers, nothing changes here.  (Some of our non-black-box
node tests change their way of setting up data, though, since the
internal data structures are different.)

The new class has the following improvements:

    * We use message_id instead of timestamp as our sorting key.
      (We could have done this in a prep commit, but it wouldn't
      have made the diff much cleaner here.)

    * We use a dictionary instead of a sorted list to store the
      data, so that writes are O(1) instead of O(NlogN).  Reads
      now do sorts, so they're O(NlogN) instead of O(N), but reads
      are fairly infrequent.  (The main goal here isn't actually
      performance, but instead it just simplifies the
      implementation.)

    * We isolate `topic_history` from the format of the messages.
      This prepares us for upcoming changes where updates to the
      data structure may come from topic history queries as well
      as messages.

    * We split out the message-add path from the message-remove
      path.  This prepares us to eventually get rid of the "count"
      mechanism that is kind of fragile and which has to be
      bypassed for historical topics.
2017-07-27 14:26:22 -07:00
Steve Howell bc0761b22b Extract topic_data.js.
This new module tracks the recent topic names for any given
stream.

The code was pulled over almost verbatim from stream_data.js,
with minor renames to the function names.

We introduced a minor one-line function called stream_has_topics.
2017-07-27 14:26:22 -07:00
Steve Howell b95e785335 recent topics: Extract get_recent_topic_names().
We now have all of our callers into recent_topics code just
receive a list of topic names from get_recent_topic_names().

This is more encapsulated than handing off tiny little
structures to the three callers, two of whom immediately
mapped the objects to names, and one of whom needlessly
used the now defunct name canon_subject field.

The consolidation here removes some "subject" references, and
now all lookup are by stream id, not stream name.

The diff here is a bit daunting, but it's mostly simplification
of tests and calling code.  Two of the callers now need to look
up stream ids, but they are otherwise streamlined.

The main change here is to stream_data.js, and we replace the
`canon_subject` and `subject` fields with `name`.
2017-07-27 14:26:22 -07:00
Cory Lynch a607130cae search_suggestion: Add tests for query with spaces.
Specifically, this checks to make sure that if you
surround an operand with quotes, having spaces inside
is permitted. Also, an extra space after the operator is
also permitted.
2017-07-14 17:33:09 -07:00
Cory Lynch 1dba70ca0d search_suggestion: Fix highlighting for multi-word streams.
I deleted a test case that involved a highlighted stream, but
the query was empty. This produces kind of a weird result with
typeahead_helper.highlight_with_escaping, but this function already
has coverage in node_tests/typeahead_helper.js, so the check here
was essentially redundant anyway. Specifically, the highlighter
wraps every character individually with <strong>, and looks really
messy in html.
2017-07-14 17:33:09 -07:00
Cory Lynch 4f8a2d0c57 filter.js: Make from/sender descriptions more concise. 2017-07-07 20:54:54 -07:00
Cory Lynch 2ce7a20237 search_suggestion: Support autocompleting operator names.
Fixes #5399
2017-07-07 20:54:54 -07:00
Cory Lynch 75617d07de search_suggestions: Prioritize recent huddles.
Fixes #5612. What this specifically does is that if you are
typing a group PM, this logic iterates through the possible
search suggestions for the next autocomplete. If that suggestion
contains a group PM that already exists, then prioritize it with
the most recent one on top.
2017-07-07 12:12:30 -07:00
Cory Lynch 7efba29b0c search_suggestions: Hide own name in huddle suggestions. 2017-07-07 12:12:30 -07:00
Cory Lynch 8abbb6d781 search: Remove in:all token from suggestions. 2017-07-01 12:19:52 -04:00
Cory Lynch 090d7487cf search_suggestion: Use person matching function from people.js.
Instead of having a custom (duplicate) matching function in
search suggestion, it was refactored to use the function in
people.js. This also gets the diacritic-ignoring feature
of the function in people.js.

Fixes #5315.
2017-06-23 08:29:20 -04:00
Cory Lynch 58a2ffbe1d Add search suggestion support for is:unread. 2017-06-19 06:51:13 -04:00
Cory Lynch 11a7a476d7 search_suggestion: Add negation support for 'has' operator. 2017-06-15 02:32:00 -07:00
Cory Lynch da4e2954fe search_suggestion: Remove is:private as default suggestion. 2017-06-15 02:20:50 -07:00
Cory Lynch 89b8d07420 Make search suggestion messages more concise.
This involves updating filter.js, mostly. The
tests were updated appropriately for this change,
which also involved changing a caspar test for
narrowing.
2017-06-14 22:34:46 -07:00
Cory Lynch ab5b0e938d Add support for "has" operator in search_suggestions.
This was never a feature in the old search_suggestions
version, so a new helper function for it was added.

Relevant tests were also added, maintaining 100% coverage.
2017-06-14 22:34:46 -07:00
Cory Lynch a7ec8cd1f3 Improve topic in search_suggestion.js.
Also added some additional testing to handle
some edge cases that I'd like to make sure
don't break down.
2017-06-14 22:34:46 -07:00
Cory Lynch 69e8074d14 Improve person/group in search_suggestions.js.
The get_person_suggestions and get_group_suggestions functions
were updated to the new system. Support for negation is also
added in the new system.

Relevant tests were also updated. Also, note that the function
get_private_suggestions was removed, as it was rendered
obsolete by these updates.
2017-06-14 22:34:46 -07:00
Cory Lynch c8d4eff8aa Improve sent_by_me in search_suggestions.js.
Added appropriate tests.
2017-06-14 22:34:46 -07:00
Cory Lynch 79d56c94dc Improve default and special_filter in search_suggestion.js.
Special filter was updated to work even when it is not the first
token in a search query. Furthermore, the default query was
moved around to work with the changes to come for the new
suggestion system.

A test also had to be modified to work with the new system.
2017-06-14 22:34:46 -07:00
Steve Howell c02f4b4756 Add people.initialize().
This makes us not have to stub jquery in many of our node
tests!
2017-05-23 19:35:08 -07:00
Steve Howell efb35afeb7 Track recent topics (and active streams) using stream id.
This commit changes the key for recent_topics to be a
stream id.  For streams that have been renamed, we will now
get accurate data on recent topics and active streams as
long as stream_data.get_stream_id(stream_name) returns a
valid value.
2017-05-15 14:47:41 -07:00
Steve Howell 8eb86335b9 Extract narrow_state.js.
Despite the length of this commit, it is a very straightforward
moving of code from narrow.js -> narrow_state.js, and then
everything else is just s/narrow.foo()/narrow_state.foo()/
(with a few tiny cleanups to remove some code duplication
in certain callers).

The only new functions are simple setter/getters that
encapsulate the current_filter variable:

    narrow_state.reset_current_filter()
    narrow_state.set_current_filter()
    narrow_state.get_current_filter()

We removed narrow.predicate() as part of this, since it was dead
code.

Also, we removed the shim for narrow_state.set_compose_defaults(),
and since that was the last shim, we removed shim.js from the app.
2017-04-25 09:57:32 -07:00
Elliott Jin 9b854c62bc search_suggestion: Suggest multiple people in `pm-with` searches.
Currently, searching for group private messages requires typing each
person's email individually.  This change improves the typeahead
suggestions for group `pm-with` searches by suggesting additional people
whenever a comma is entered.

Fixes: #3575
2017-02-07 14:13:29 -08:00
Steve Howell 53308b49b2 refactor: Remove last uses of page_params.email in JS code.
Earlier commits removed all uses of page_params.email outside
of people.js, and it turns out we have page_params.user_id, so
we don't even need page_params.email for seeding the data.
2017-01-21 21:45:12 -08:00
Steve Howell 2af0302ed0 refactor: Use people.my_current_email() in search_suggestion.js. 2017-01-21 21:45:12 -08:00
Sampriti Panda e666a62c6a search: Extract 'Sent by me' suggestion logic into separate method.
This also adds a nice test suite for it.
2017-01-11 16:30:07 -08:00
Sampriti Panda c613e510ed search: Add autocomplete for 'from' operator.
Fixes #2932.
2017-01-11 16:29:58 -08:00
Steve Howell b2bb2f8ea0 Extract people.init() function.
We need this for node tests, so that you don't have to explicitly
remove every user between tests.  (Also, people.remove() is about
to have different semantics.)
2016-12-15 17:44:58 -08:00
Tim Abbott 459421d045 eslint: Update node tests to use new comma-dangle rules.
* In most cases, eslint --fix with the right comma-dangle settings was
  able to update the code correctly.

* The exceptions were cases where the parser incorrectly treated the
  arguments to functions like `assert_equal` as arguments; we fixed
  these manually.  Since this is test code, we can be reasonably
  confident that just fixing the failures suffices to correct any bugs
  introduced by making changes automatically.
2016-12-03 15:00:24 -08:00
AZtheAsian 5e9918135b eslint: change quote-props from off to error and fix violations. 2016-12-02 18:35:53 -08:00
Steve Howell 4cd39010d1 Add people.get_person_from_user_id().
This requires the introduction of people_by_user_id_dict
and changes to people.add() and people.remove().
2016-11-04 11:30:18 -07:00
Steve Howell d70ac2fc0d Remove obsolete code for page_params.people_list.
The only module that uses people_list now is people.js, and that's
only during the page load process.
2016-11-01 13:55:48 -07:00
Steve Howell 06d7012113 Use people.get_all_persons() for search_suggestion.js.
This is better than using page_params.people_list, which may
go out of sync when live updates happen.
2016-11-01 13:55:48 -07:00
Steve Howell 6a54dfc127 Remove recent_subjects from node tests.
We now use stream_data.populate_stream_topics_for_tests(),
which hides some of the implementation details of initializing
the data structure.
2016-10-28 13:52:25 -07:00
Tim Abbott d2be9241f2 feature_flags: Eliminate always true negated_search feature. 2016-10-11 20:50:47 -07:00
Vishnu Ks d30ea0bc44 Move recent_subjects to stream_data. 2016-06-07 17:50:16 -07:00
Tim Abbott 10657c1d53 Move node tests to node_tests/. 2015-10-28 10:11:47 -07:00